feat(release): version live-image, skip rebuild+redownload when unchanged
CI / Lint + build + test (push) Successful in 1m41s
Release / detect (push) Successful in 7s
Release / build-live-image (push) Failing after 3m58s
Release / bundle (push) Has been skipped

Splits the release workflow into three jobs (detect, build-live-image,
bundle) so the ~9 min mkosi build only runs when live-image/VERSION
bumps. The slim bundle (~30 MB: orchestrator + agent + deploy scripts
+ a live-image/VERSION pointer) rebuilds every push; the ~300 MB
vmlinuz+initrd.img are published separately under the immutable
live-image/<version>/ path. install.sh compares the pointer to
/var/lib/vetting/live/VERSION and fetches the files only on mismatch,
cutting repeat-install wall-clock from ~30 s + 300 MB to ~10 s + 0 MB
on the common no-live-image-change release.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 21:04:14 -04:00
parent 4c153bb115
commit 211abdf08f
7 changed files with 309 additions and 108 deletions
+3 -6
@@ -71,18 +71,15 @@ install: orchestrator-linux agent-linux ## Run deploy/install.sh (must be run on
sudo ./deploy/install.sh --binary ./bin/vetting-linux-amd64 --agent-binary ./bin/vetting-agent.linux-amd64
.PHONY: release
release: orchestrator-linux agent-linux live-image ## Build the scp-and-go release tarball (run from Linux/WSL)
ifneq ($(findstring Windows,$(UNAME_S))$(findstring MINGW,$(UNAME_S))$(findstring MSYS,$(UNAME_S)),)
@echo "ERROR: make release must be run from Linux/WSL (live-image dep needs mkosi)." && exit 1
endif
release: orchestrator-linux agent-linux ## Build the slim release tarball (no live-image files — they're fetched on install)
@set -e; \
stamp=vetting-bundle-$(GIT_SHA); \
stamp=vetting-bundle; \
rm -rf build/$$stamp bin/$$stamp.tar.gz; \
mkdir -p build/$$stamp/bin build/$$stamp/live-image; \
cp bin/vetting-linux-amd64 bin/vetting-agent.linux-amd64 build/$$stamp/bin/; \
cp live-image/build/vmlinuz live-image/build/initrd.img build/$$stamp/live-image/; \
cp deploy/install.sh deploy/pxe-setup.sh deploy/vetting.service \
deploy/vetting.production.yaml deploy/ipxe-shas.txt build/$$stamp/; \
cp live-image/VERSION build/$$stamp/live-image/VERSION; \
echo $(GIT_SHA) > build/$$stamp/VERSION; \
tar -C build -czf bin/$$stamp.tar.gz $$stamp; \
echo "wrote bin/$$stamp.tar.gz ($$(du -h bin/$$stamp.tar.gz | cut -f1))"
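Review bot: the bundle no longer carries anything that pins the contents of the live image. With `cp live-image/build/vmlinuz live-image/build/initrd.img ...` gone from the `release` recipe, `cp live-image/VERSION build/$$stamp/live-image/VERSION` is the only live-image artifact shipped, and a version string says which files to fetch, not what bytes they must contain. The kernel and initrd that get network-booted are now downloaded at install time, so the recipe should also write their SHA-256 digests into the bundle next to VERSION (the same way `deploy/ipxe-shas.txt` is already copied in for iPXE) and install.sh should verify the download against them before placing files under /var/lib/vetting/live. A smaller point on `stamp=vetting-bundle;`: the tarball name no longer includes `$(GIT_SHA)`, so every build overwrites `bin/vetting-bundle.tar.gz` and the only record of which commit a bundle came from is the `VERSION` file inside it. A short comment on the recipe saying this is intentional would help.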